package com.example.securitydemo.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HellowController {
    @RequestMapping("/helloUser")
    @PreAuthorize(value = "hasAnyAnyRole('admin','normal')")
    public String helloCommonUser(){return "hellow 拥有admin ，normal权限";}

    @RequestMapping("/admin")
    @PreAuthorize(value = "hasAnyAnyRole('admin')")
    public String hellowAdmin(){
        return "hellow admin 角色的用户就可以访问";
    }
}
